CVSS: 10.0EPSS: 49%CPEs: 6EXPL: 3CVE-2023-34152
https://notcve.org/view.php?id=CVE-2023-34152
30 May 2023 — A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. • https://github.com/SudoIndividual/CVE-2023-34152 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-34153 – Gentoo Linux Security Advisory 202405-02
https://notcve.org/view.php?id=CVE-2023-34153
30 May 2023 — A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution. Versions greater than or equal to 6.9.13.0 are affected. • https://access.redhat.com/security/cve/CVE-2023-34153 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 1CVE-2023-1981 – avahi: avahi-daemon can be crashed via DBus
https://notcve.org/view.php?id=CVE-2023-1981
26 May 2023 — A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash. USN-6129-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Avahi incorrectly handled certain DBus messages. • https://access.redhat.com/security/cve/CVE-2023-1981 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-1729 – LibRaw: a heap-buffer-overflow in raw2image_ex()
https://notcve.org/view.php?id=CVE-2023-1729
15 May 2023 — A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. • https://bugzilla.redhat.com/show_bug.cgi?id=2188240 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2513 – kernel: ext4: use-after-free in ext4_xattr_set_entry()
https://notcve.org/view.php?id=CVE-2023-2513
08 May 2023 — A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors. Jordy Zomer and Alexand... • https://bugzilla.redhat.com/show_bug.cgi?id=2193097 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 16EXPL: 5CVE-2023-32233 – kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
https://notcve.org/view.php?id=CVE-2023-32233
08 May 2023 — In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and write... • https://github.com/oferchen/POC-CVE-2023-32233 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30549 – Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
https://notcve.org/view.php?id=CVE-2023-30549
25 Apr 2023 — Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service an... • https://access.redhat.com/security/cve/cve-2022-1184 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-1668 – openvswitch: ip proto 0 triggers incorrect handling
https://notcve.org/view.php?id=CVE-2023-1668
10 Apr 2023 — A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. An update for redhat-release-virtualization-host and re... • https://bugzilla.redhat.com/show_bug.cgi?id=2137666 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0664
https://notcve.org/view.php?id=CVE-2023-0664
29 Mar 2023 — A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. • https://bugzilla.redhat.com/show_bug.cgi?id=2167423 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3923 – kernel: stack information leak in infiniband RDMA
https://notcve.org/view.php?id=CVE-2021-3923
27 Mar 2023 — A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. • https://bugzilla.redhat.com/show_bug.cgi?id=2019643 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •